Practical secure aggregation for privacy-preserving machine learning
We design a novel, communication-efficient, failure-robust protocol for secure aggregation of
high-dimensional data. Our protocol allows a server to compute the sum of large, user-held …
A pragmatic introduction to secure multi-party computation
Secure multi-party computation (MPC) has evolved from a theoretical curiosity in the 1980s
to a tool for building real systems today. Over the past decade, MPC has been one of the …
Wolverine: fast, scalable, and communication-efficient zero-knowledge proofs for boolean and arithmetic circuits
Efficient zero-knowledge (ZK) proofs for arbitrary boolean or arithmetic circuits have recently
attracted much attention. Existing solutions suffer from either significant prover overhead (i.e. …
Post-quantum zero-knowledge and signatures from symmetric-key primitives
We propose a new class of post-quantum digital signature schemes that: (a) derive their
security entirely from the security of symmetric-key primitives, believed to be quantum …
Ciphers for MPC and FHE
Designing an efficient cipher was always a delicate balance between linear and non-linear
operations. This goes back to the design of DES, and in fact all the way back to the seminal …
Two halves make a whole: Reducing data transfer in garbled circuits using half gates
The well-known classical constructions of garbled circuits use four ciphertexts per gate,
although various methods have been proposed to reduce this cost. The best previously …
Fairswap: How to fairly exchange digital goods
We introduce FairSwap--an efficient protocol for fair exchange of digital goods using smart
contracts. A fair exchange protocol allows a sender S to sell a digital commodity x for a fixed …
Improved non-interactive zero knowledge with applications to post-quantum signatures
Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive
zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric …
Tumblebit: An untrusted bitcoin-compatible anonymous payment hub
E Heilman, L Alshenibr, F Baldimtsi… - … and distributed system …, 2017 - open.bu.edu
This paper presents TumbleBit, a new unidirectional unlinkable payment hub that is fully
compatible with today's Bitcoin protocol. TumbleBit allows parties to make fast, anonymous …
Mystique: Efficient conversions for Zero-Knowledge proofs with applications to machine learning
Recent progress in interactive zero-knowledge (ZK) proofs has improved the efficiency of
proving large-scale computations significantly. Nevertheless, real-life applications (e.g., in the …